Go SMS Pro, a popular messaging app for Android devices that has been downloaded over 100 million times from the Google Play Store by Android users, has now been removed from Google Play.
This was done just hours after it was reported that the app highlighted serious security holes that could allow anyone to access photos, videos, and other files sent privately by their users. users.
The developers of Go SMS Pro were notified of the flaw in August. However, the China-based company did not respond and did not confirm whether the issue had been resolved.
The app had more than 100 million downloads from Google Play before it was deleted. After the report was published, Google decided to go it alone and removed the app from the Play Store.
Besides the leaked messages, he also leaked private photos, financial transaction details, private messages, all part of SMS, to the web. Data for millions of Go SMS Pro users is available on the web.
Go SMS Pro allowed users to share files, photos and videos. If the other person did not have the Go SMS Pro app installed, a link was shared with them using regular text messages that allowed them to view the file in their browser.
Security researchers at Singaporean cybersecurity firm Trustwave have discovered the flaw in Go SMS Pro that publicly exposes media files transferred between its users.
The researchers found that the links sent through Go SMS Pro were sequential and could be predicted by someone who knows how it generates links.
The researchers noted that it was not possible to target an individual user on Go SMS Pro, but someone could cast a huge fishing net and retrieve a lot of private data.
Trustwave researchers found the problem especially on Go SMS Pro version 7.91, although they mentioned in a blog post that it was still in place.
The Go SMS Pro app is no longer available for download on Google Play. However, it may still be present on millions of devices it was installed on before it was removed.